Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 09-18-2007, 12:13 AM
bigcurt's Avatar
bigcurt bigcurt is offline
 
Join Date: Nov 2004
Location: KierDarby.php
Posts: 1,009
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Here is my problem..

Hi,

Well, I haven't posted here in a while but now that I am I could really use your help. Someone is using a brute force program to get peoples AIM passwords targeted on my site. The person goes to my site looks at someones AIM name and then will use the brute force program to try and find his/her AIM password. Then, they use that password and match it to my site account to login. So, people that have easy passwords for both AIM/my site - their accounts get hijacked. Fairly complicated circumstance eh?

Well, any suggestions how I could fix this problem without totally destroying my site. I do not have any clues as to who it is really.
Reply With Quote
  #2  
Old 09-18-2007, 12:34 AM
Lizard King Lizard King is offline
 
Join Date: Jan 2005
Location: Mersin
Posts: 907
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You can easily hide user contact information from guests.
Reply With Quote
  #3  
Old 09-18-2007, 01:16 AM
Kirk Y's Avatar
Kirk Y Kirk Y is offline
 
Join Date: Apr 2005
Location: Tallahassee, Florida
Posts: 2,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Or suggest that your users change their passwords...
Reply With Quote
  #4  
Old 09-18-2007, 11:11 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Just don't display their AIMS details.
Reply With Quote
  #5  
Old 09-18-2007, 01:41 PM
nexialys
Guest
 
Posts: n/a
Default

actually, this is not related to vBulletin but to AIM itself... i would suggest you report that brute guy to the http://www.aol.com/ official website... and yes, their navigation is a crap, complicated to have support...

it is related to AIM security protocol, i don't think it is just a problem of displaying AIM usernames on a site that would make the password retreivable... anyway, they are the ones who can handle that security breach...
Reply With Quote
  #6  
Old 09-22-2007, 08:36 PM
bigcurt's Avatar
bigcurt bigcurt is offline
 
Join Date: Nov 2004
Location: KierDarby.php
Posts: 1,009
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks everyone. I know I can easily hide contacts. However, my site is a user trade facility so people make their "lists" full of things and then they put their contact information at the bottom. A lot of my users don't even fill out their profile; they just post their lists with their contact information.
Reply With Quote
  #7  
Old 09-25-2007, 12:13 AM
bigcurt's Avatar
bigcurt bigcurt is offline
 
Join Date: Nov 2004
Location: KierDarby.php
Posts: 1,009
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Any suggestions?
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:40 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08846 seconds
  • Memory Usage 2,209KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (6)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete